If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Windows 2003 Group Policy Issue

Hi gals/ guys
Yet again i seek your advice and help in an issue i am facing form last few days, the Group Policy of my windows 2003 machine got corrupted or dunno what happen to it. Not a single user of the domain could logged into the machine, even can't accesss the shared folder.

Even when I try to join a system on Domain i get the same message (attached screenshot). When i try to delete the group policy i get the same message, even can't modify it. Although i am logged into the system with Administrator ID and i am administrator of the system.

One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!

FanaCool,
Having some Event ID's would really help us all out. Check your Event Viewer (as mentioned before) and post any errors that relate to the problem you are experiencing (or that you think relate to the problem). I have found many times that using Event Viewer really helps in isolating the problem, rather than driving yourself nuts trying every solution until one works.

The object of war is not to die for your country but to make the other bastard die for his - George Patton

Fana,
I forget if you have one or two DC in your AD. If you haven't already tried log locally to the DC as has been suggested with the domain admin account. If you have two DC's try on thte two if it works on one and not on the other check to see if the replication is working ok. Also ,I don't have a server where i am now so can't give you exact instructions, check that you still have the right to modify the groups policys. Had a case once where a tech changed the policy for the domain thinking if was only for his DC.
Verify your event logs and check the error codes, if any, on the technet site if you haven't already.
Let us know if you get it worked out.
Cheers
Muracu

\"America is the only country that went from barbarism to decadence without civilization in between.\"
\"The reason we are so pleased to find other people\'s secrets is that it distracts public attention from our own.\"
Oscar Wilde(1854-1900)

Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 12
Date: 8/10/2006
Time: 6:48:00 PM
User: N/A
Computer: Server
Description:
Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the PDC to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.

Another Error i see is this : -

Event Type: Error
Event Source: MRxSmb
Event Category: None
Event ID: 8003
Date: 8/10/2006
Time: 6:42:07 PM
User: N/A
Computer: SERVER
Description:
The master browser has received a server announcement from the computer COMPUTER1 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F8FB0E1A-7C4B-4401-A3. The master browser is stopping or an election is being forced.

Event Type: Warning
Event Source: DhcpServer
Event Category: None
Event ID: 1056
Date: 8/10/2006
Time: 6:32:54 PM
User: N/A
Computer: SERVER
Description:
The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service. This is not a recommended security configuration. Credentials for Dynamic DNS registrations may be configured using the command line "netsh dhcp server set dnscredentials" or via the DHCP Administrative tool.

The Remote desktop connection is with the internal server, its a database server and i nomrally logged into with from the main server.

Coming back to the main server, i am logged into the server locally and when i try to change the Group policy container i get the message which i have attached.

The DNS is working fine, its running perfectly alright.

I have just notice when more thing here when i Open Group Policy Management Tool there is blue icon with ! mark against the my Domain.

One more thing when I run Group Policy Result on the server machine with the same user In GPO (Group Policy Object) applied GPO shows nothing while denied GPO's Shows 2 one is default and reason for denied is EMPTY and simliarly the NEW GROUP POLICY OBJECT is also Denied for the same reason.

Any comments on it ?

One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!